def fetch_credentials():
"""
Returns: Account's credentials
"""
credentials = []
identifier = demisto.args().get('identifier')
duration_minutes = 1
account_info = get_managed_accounts_request()
for account in account_info:
account_name = account.get('AccountName')
system_name = account.get('SystemName')
if SYSTEM_NAME and system_name != SYSTEM_NAME:
continue
item = {
'SystemId': account.get('SystemId'),
'AccountId': account.get('AccountId'),
'DurationMinutes': duration_minutes
}
release_id = create_release_request(str(item))
password = get_credentials_request(str(release_id))
credentials.append({
'user': account_name,
'password': password,
'name': system_name + '_' + account_name
})
if identifier:
credentials = list(
filter(lambda c: c.get('name', '') == identifier, credentials))
demisto.credentials(credentials)
def main(): # pragma: no cover
params = demisto.params()
base_url = f"{params.get('url', '').rstrip('/')}'/api/v1'"
verify = not params.get('insecure', False)
proxy = params.get('proxy') == 'true'
client = Client(base_url, verify=verify, proxy=proxy)
command = demisto.command()
demisto.info(f'Command being called is {command}')
# Switch case
commands = {
'test-module': test_module_command,
'fetch-credentials': fetch_credentials,
f'{INTEGRATION_COMMAND_NAME}-list-accounts': list_accounts_command,
f'{INTEGRATION_COMMAND_NAME}-lock-account': lock_account_command,
f'{INTEGRATION_COMMAND_NAME}-unlock-account': unlock_account_command,
f'{INTEGRATION_COMMAND_NAME}-reset-account': reset_account_command,
f'{INTEGRATION_COMMAND_NAME}-lock-vault': lock_vault_command,
f'{INTEGRATION_COMMAND_NAME}-unlock-vault': unlock_vault_command,
f'{INTEGRATION_COMMAND_NAME}-list-vaults': list_vaults_command
}
try:
if command == 'fetch-credentials':
# Fetch credentials is handled, no return statement.
credentials = fetch_credentials(client)
demisto.credentials(credentials)
elif command in commands:
return_outputs(*commands[command](client, demisto.args()))
# Log exceptions
except Exception as e:
err_msg = f'Error in {INTEGRATION_NAME} - [{e}]'
return_error(err_msg, error=e)
def fetch_credentials():
credentials = []
engines_to_fetch_from = []
ENGINES = argToList(demisto.params().get('engines', []))
identifier = demisto.args().get('identifier')
concat_username_to_cred_name = argToBoolean(demisto.params().get('concat_username_to_cred_name') or 'false')
if len(ENGINES) == 0:
return_error('No secrets engines specified')
for engine_type in ENGINES:
engines_to_fetch = list(filter(lambda e: e['type'] == engine_type, ENGINE_CONFIGS))
engines_to_fetch_from += engines_to_fetch
if len(engines_to_fetch_from) == 0:
return_error('Engine type not configured, Use the configure-engine command to configure a secrets engine.')
for engine in engines_to_fetch_from:
if engine['type'] == 'KV':
if 'version' not in engine:
return_error('Version not configured for KV engine, re-configure the engine')
if engine['version'] == '1':
credentials += get_kv1_secrets(engine['path'], concat_username_to_cred_name)
elif engine['version'] == '2':
credentials += get_kv2_secrets(engine['path'], concat_username_to_cred_name)
elif engine['type'] == 'Cubbyhole':
credentials += get_ch_secrets(engine['path'], concat_username_to_cred_name)
if identifier:
credentials = list(filter(lambda c: c.get('name', '') == identifier, credentials))
demisto.credentials(credentials)
def fetch_credentials(client, args: dict):
"""Fetches the available credentials.
:param client: the client object with the given params
:param args: demisto args dict
:return: a credentials object
"""
creds_name = args.get('identifier')
demisto.debug('name of cred used: ', creds_name)
if creds_name:
try:
creds_list = [client.get_credentials(creds_name)]
except Exception as e:
demisto.debug(
f"Could not fetch credentials: {creds_name}. Error: {e}")
creds_list = []
else:
creds_list = client.list_credentials()
credentials = []
for cred in creds_list:
credentials.append({
"user": cred.get("UserName"),
"password": cred.get("Content"),
"name": cred.get("Name"),
})
demisto.credentials(credentials)
def fetch_credentials(client):
"""Fetches the available credentials.
:param client: the client object with the given params
:return: a credentials object
"""
res = client.list_credentials()
credentials = {
"user": res.get("UserName"),
"password": res.get("Content"),
"name": res.get("Name"),
}
demisto.credentials([credentials])
def fetch_credentials(client):
"""Fetches the available credentials.
:param client: the client object with the given params
:return: a credentials object
"""
creds_list = client.list_credentials()
credentials = []
for cred in creds_list:
credentials.append({
"user": cred.get("UserName"),
"password": cred.get("Content"),
"name": cred.get("Name"),
})
demisto.credentials(credentials)
